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DETAILED ACTION 

1 . Claims 1-42 are pending for consideration. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 05/24/2004 and 
03/14/2006 is being considered by the examiner. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

4. Claims 1-42 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

Claims 1, 23, 26 and 40 recite a system, which is interpreted as a computer program, 
software per se, however, the claim fails to assert the program recorded on an 
appropriate computer-readable medium so as to be structurally and functionally 
interrelated to the medium and permit the function of the descriptive material to be 
realized. Since a computer program is merely a set of instructions capable of being 
executed by a computer without a computer-readable medium needed to realize the 
computer program's functionality, it is regarded as nonstatutory functional descriptive 
material. See MPEP 2106.01 for details. 
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The dependent claims are depended on the rejected base claim, and are rejected for 
the same rationales. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

6. Claims 1 -3, 6-9, 1 1 -1 2, 1 4-1 6, 1 9, 22, 26-28, 34-37 and 39 are rejected under 35 
U.S.C. 102(b) as being anticipated by (Trusted Solaris 8 Operating Environment) 
(hereinafter Solaris). 

Regarding claim 1 , Solaris discloses a network computer system for providing security, 
wherein the network computer system comprises: a monitoring function for the network 
computer system (Solaris: page 16, paragraphs 2-4); at least one outside server for an 
untrusted computer network, wherein the monitoring function can read and execute data 
from the at least one outside server for the untrusted computer network; at least one 
proxy server, wherein the at least one outside server for the untrusted computer 
network is able to read and write data to the at least one proxy server, wherein the 
monitoring function can read and execute data from the at least one proxy server 
(Solaris: page 17, paragraph 2); at least one inside server, wherein the at least one 
proxy server is able to read and write data to the at least one inside server, wherein the 
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monitoring function can read and execute data from the at least one inside server; and a 
core operating system that is a portion of an operating system, wherein the at least one 
outside server, the at least one proxy server and the at least one inside server can read 
and execute data from the core operating system (Solaris: page 18, paragraph 3-5; 
page 21, paragraphs 1-2; and pages 22-24). 

Regarding claims 2 and 27, Solaris discloses wherein the monitoring function includes 
at least one system level auditing function (Solaris: page 18, paragraph 6). 

Regarding claims 3 and 28, Solaris discloses wherein the at least one system level 
auditing function resides within a first compartment and the at least one system level 
auditing function transports system log protocol events, generated by the operating 
system, through the network computer system without providing access to the system 
log protocol events from the at least one outside server, the at least one proxy server 
and the at least one inside server (Solaris: page 18, paragraph 6). 

Regarding claim 6, Solaris discloses wherein the monitoring function includes at least 
one system health monitoring tool (Solaris: page 22, paragraph 3). 

Regarding claim 7, Solaris discloses wherein the at least one system health monitoring 
tool resides within a fourth compartment and a fifth compartment, wherein the fourth 
compartment monitors health and response time for the network computer system, and 
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the fifth compartment includes source code for the system health monitoring tool, 
wherein the fourth compartment can read and execute data located in the fifth 
compartment without modification thereof (Solaris: page 22, paragraph 3). 

Regarding claim 8, Solaris discloses wherein the monitoring function includes at least 
one integrity check system (Solaris: page 22 and page 23). 

Regarding claims 9 and 34, Solaris discloses wherein the at least one integrity check 
system resides within a sixth compartment and a seventh compartment, wherein the 
sixth compartment will provide an integrity check function to monitor changes to a 
baseline configuration of the network computer system and the seventh compartment 
includes source code for the integrity detection system, wherein the sixth compartment 
can read and execute source code located in the seventh compartment without 
modification thereof (Solaris: page 22 and page 23). 

Regarding claims 1 1 and 35, Solaris discloses wherein the at least one outside server 
includes at least one eighth compartment where outside requests are received, 
processed, and then passed to the at least one proxy server for further processing and 
at least one ninth compartment where source code for the at least one outside server 
resides, wherein the at least one eighth compartment can read and execute data from 
the at least one ninth compartment and the at least one ninth compartment can read 
and execute data from the core operating system (Solaris: pages 22-24). 
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Regarding claim 12, Solaris discloses wherein the source code includes encryption 
binaries and configuration files (Solaris: page 19, paragraph 4). 

Regarding claims 14, 36 and 39, Solaris discloses wherein the at least one proxy server 
includes at least one tenth compartment where the at least one proxy server executes 
and filters requests from the at least one outside server, which are then passed to the at 
least one inside server for further processing and at least one eleventh compartment 
wherein source code for the at least one proxy server resides, where the at least one 
tenth compartment can read and execute data from the at least one eleventh 
compartment and the at least one eleventh compartment can read and execute data 
from the core operating system (Solaris: pages 22-24). 

Regarding claim 15, Solaris discloses wherein the source code includes binaries and 
configuration files (Solaris: pages 22-24). 

Regarding claim 16, Solaris discloses wherein the at least one proxy server makes 
buffer checks and file extension requests to ascertain whether a security threat is 
present (Solaris: pages 22-24). 

Regarding claims 19 and 37, Solaris discloses wherein the at least one inside server 
includes at least one twelfth compartment where the at least one inside server executes 
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all requests received from the untrusted computer network that have been screened 
and deemed valid for further processing and at least one thirteenth compartment where 
source code for the at least one inside server resides, wherein the at least one twelfth 
compartment can read and execute data from the at least one thirteenth compartment 
and the at least one thirteenth compartment can read and execute data from the core 
operating system (Solaris: pages 22-24). 

Regarding claim 22, Solaris discloses wherein external data received from the outside 
through an untrusted computer network can pass from the at least one outside server 
wherein data from the at least one outside server can be read and written to the at least 
one proxy server, wherein data from the at least one proxy server can be read and 
written to the at least one inside server, wherein data from can at least one inside server 
can be read and written to at least one software application for further processing 
(Solaris: page 18, paragraph 3-5; page 21, paragraphs 1-2; and pages 22-24). 

Regarding claim 26, this claim has limitations that is similar to those of claim 1 , thus it is 
rejected with the same rationale applied against claim 1 above. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 4-5, 1 0, 1 3, 1 7-1 8, 20-21 , 23-25, 30-33, 38 and 40-42 are rejected under 
35 U.S.C. 1 03(a) as being unpatentable over Solaris in view of Sheikh et al. (US 
2002/0078382) (hereinafter Sheikh). 

Regarding claims 4 and 29, Solaris does not explicitly disclose wherein the monitoring 
function includes at least one intrusion detection system. However, Sheikh discloses 
wherein the monitoring function includes at least one intrusion detection system 
(Sheikh: paragraphs 0005, 0007 and 001 1 ). Therefore, It would have been obvious to a 
person skilled art at the time the invention was made to have included in Solaris the 
feature of Sheikh as discussed above because a problem exists in the security software 
field because companies need to have security software that has the ability to monitor 
various aspects of the network and allow for forensic analysis when a breach or 
problem does occur (Sheikh: paragraph 0009). 

Regarding claim 5, Solaris does not explicitly disclose wherein the at least one intrusion 
detection system resides within a second compartment and a third compartment, 
wherein the second compartment monitors activity and makes comparisons to known 
patterns that may indicate an attack on the network computer system and the third 
compartment includes source code for the intrusion detection system, wherein the 
second compartment can read and execute data located in the third compartment 
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without modification thereof (Sheikh: paragraphs 001 1 , 0034, 0076, 0078 and 0083). 
The same motivation was utilized in claim 4 applied equally well to claim 5. 

Regarding claims 10, 30-32, 38 and 41, Solaris does not disclose first compartment, 
second compartment, third compartment, fourth compartment, fifth compartment, sixth 
compartment and seventh compartment which will be used as monitoring functions for 
network computer system. However, Sheikh discloses first compartment, second 
compartment, third compartment, fourth compartment, fifth compartment, sixth 
compartment and seventh compartment which will be used as monitoring functions for 
network computer system (Sheikh: paragraphs 001 1 , 0034, 0076, 0078 and 0083). 
Therefore, It would have been obvious to a person skilled art at the time the invention 
was made to have included in Solaris the feature of Sheikh as discussed above 
because a problem exists in the security software field because companies need to 
have security software that has the ability to monitor various aspects of the network and 
allow for forensic analysis when a breach or problem does occur (Sheikh: paragraph 
0009). 

Regarding claims 13 and 33, Solaris as modified discloses wherein the outside server 
includes at least one eighth compartment where outside requests are received, 
processed, and then passed to the at least one proxy server for further processing and 
at least one ninth compartment where source code for the at least one outside server 
resides, wherein the at least one eighth compartment can read and execute data from 
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the at least one ninth compartment and the at least one ninth compartment can read 
and execute data from the at least one core operating system that resides in a 
fourteenth compartment and the third compartment of the intrusion detection function, 
the fifth compartment of the at least one system health monitoring tool and the seventh 
compartment of the at least one check function can read and execute data from the at 
least one eighth compartment for the at least one outside server (Sheikh: paragraphs 
001 1 , 0034, 0076, 0078 and 0083). The same motivation was utilized in claim 4 applied 
equally well to claims 13 and 33. 

Regarding claim 17, Solaris as modified discloses wherein the at least one proxy server 
includes at least one tenth compartment where the at least one proxy server executes 
and filters requests from the at least one outside server which are then passed to the at 
least one inside server for further processing and at least one eleventh compartment 
where source code for the at least one proxy server resides, wherein the at least one 
tenth compartment can read and execute data from the at least one eleventh 
compartment and the at least one eleventh compartment can read and execute data 
from the core operating system, residing in a fourteenth compartment, and the third 
compartment of the at least one intrusion detection function, the fifth compartment of the 
at least one system health monitoring tool and the seventh compartment of the at least 
one integrity check function can read and execute data from the at least one tenth 
compartment for the at least one proxy server (Sheikh: paragraphs 001 1 , 0034, 0076, 
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0078 and 0083). The same motivation was utilized in claim 4 applied equally well to 
claim 17. 

Regarding claim 18, Solaris as modified discloses wherein the source code includes 
binaries and configuration files (Sheikh: paragraphs 001 1 and 0032). The same 
motivation was utilized in claim 4 applied equally well to claim 18. 

Regarding claim 20, Solaris as modified discloses wherein the at least one inside server 
includes at least one twelfth compartment where the at least one inside server executes 
all requests received from the untrusted computer network have been screened and 
deemed valid for further processing and at least one thirteenth compartment where 
binaries and configuration files for the at least one inside server reside, wherein the at 
least one thirteenth compartment can read and execute data from the core operating 
system, residing in a fourteenth compartment, and the third compartment of the at least 
one intrusion detection function, the fifth compartment of the at least one system health 
monitoring tool and the seventh compartment of the at least one integrity check function 
can read and execute data from the at least one twelfth compartment for the at least 
one inside server (Sheikh: paragraphs 001 1 , 0034, 0076, 0078 and 0083). The same 
motivation was utilized in claim 4 applied equally well to claim 20. 

Regarding claim 21, Solaris as modified discloses wherein system log protocol events 
produced by external devices can be forwarded through the at least one outside server, 



Application/Control Number: 10/708,004 Page 12 

Art Unit: 2431 

the at least one proxy server, and the at least one inside server to at least one other 
software application that monitors security intrusions (Sheikh: paragraphs 001 1 , 0034, 
0076, 0078 and 0083). The same motivation was utilized in claim 4 applied equally well 
to claim 21 . 

Regarding claim 23, Solaris discloses a network computer system for providing security, 
wherein the network computer system comprises: at least one system level auditing 
function, wherein the at least one system level auditing function resides within a first 
compartment and the at least one system level auditing function transports system log 
protocol events produced by an operating system through the network computer system 
(Solaris: pages 22-24); 

Solaris does not explicitly disclose at least one intrusion detection system, 
wherein the at least one intrusion detection system resides within a second 
compartment and a third compartment, wherein the second compartment monitors 
activity and makes comparisons to known patterns that may indicate an attack on the 
network computer system and the third compartment is where source code for the 
intrusion detection system resides, wherein the second compartment can read and 
execute data located in the third compartment without modification thereof; at least one 
system health monitoring tool, wherein the at least one system health monitoring tool 
resides within a fourth compartment and a fifth compartment, wherein the fourth 
compartment monitors health and response time for the at least one outside server, the 
at least one proxy server and the at least one inside server and the fifth compartment is 
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where source code for the system health monitoring tool resides, wherein the fourth 
compartment can read and execute data located in the fifth compartment without 
modification thereof; at least one integrity check system, wherein the at least one 
integrity check system resides within a sixth compartment and a seventh compartment, 
wherein the sixth compartment will provide an integrity check function to monitor 
changes to a baseline configuration of the network computer system and the seventh 
compartment is where source code for the integrity check system resides, wherein the 
sixth compartment can read and execute the source code located in the seventh 
compartment without modification thereof; at least one core operating system, residing 
within a fourteenth compartment; at least one outside server for an untrusted computer 
system, wherein the outside server includes at least one eighth compartment where 
outside requests are received and processed and at least one ninth compartment where 
source code for the at least one outside server resides, wherein the at least one eighth 
compartment can read and execute data from the at least one ninth compartment and 
the at least one ninth compartment can read and execute data from the at least one 
core operating system that resides in the fourteenth compartment and the third 
compartment of the at least one intrusion detection function, the fifth compartment of the 
at least one system health monitoring tool and the seventh compartment of the at least 
one integrity check function can read and execute data from the at least one outside 
server; at least one proxy server, wherein the at least one proxy server includes at least 
one tenth compartment where the at least one proxy server executes and filters 
requests from the at least one outside server and at least one eleventh compartment 
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where source code for the at least one proxy server resides, wherein the at least one 
tenth compartment can read and execute data from the at least one eleventh 
compartment and the at least one eleventh compartment can read and execute data 
from the at least one core operating system, residing in the fourteenth compartment, 
and the third compartment of the at least one intrusion detection function, the fifth 
compartment of the at least one system health monitoring tool and the seventh 
compartment of the at least one integrity check function can read and execute data from 
the at least one proxy server; and wherein the at least one inside server includes at 
least one twelfth compartment where the at least one inside server executes all and 
requests received from the unsecured computer network have been screened and 
deemed valid for further processing by the at least one proxy server and at least one 
thirteenth compartment where source code for the at least one inside server resides, 
wherein the at least one twelfth compartment can read and execute data from the at 
least one thirteenth compartment and the at least one thirteenth compartment can read 
and execute data from the at least one core operating system, residing in the fourteenth 
compartment, and the third compartment of the at least one intrusion detection function, 
the fifth compartment of the at least one system health monitoring tool and the seventh 
compartment of the at least one integrity check function can read and execute data from 
the at least one inside server. 

However, Sheikh discloses second compartment through fourteenth 
compartment as described above (Sheikh: paragraphs 0005, 0007 and 0011). 
Therefore, It would have been obvious to a person skilled art at the time the invention 
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was made to have included in Solaris the feature of Sheikh as discussed above 
because a problem exists in the security software field because companies need to 
have security software that has the ability to monitor various aspects of the network and 
allow for forensic analysis when a breach or problem does occur (Sheikh: paragraph 
0009). 

Regarding claim 24, this claim has limitations that is similar to those of claim 3, thus it is 
rejected with the same rationale applied against claim 3 above. 

Regarding claim 25, this claim has limitations that is similar to those of claim 22, thus it 
is rejected with the same rationale applied against claim 22 above. 

Regarding claim 40, this claim has limitations that is similar to those of claim 23, thus it 
is rejected with the same rationale applied against claim 23 above. 

Regarding claim 42, Solaris as modified discloses reading and writing data from the at 
least one inside server can be read and write to at least one software application for 
further processing (Solaris: pages 22-24). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to TRANG DOAN whose telephone number is (571)272- 
0740. The examiner can normally be reached on Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Trang Doan/ 
Examiner, Art Unit 2431 
/Syed Zia/ 

Primary Examiner, Art Unit 2431 



